A recent GAO Report on electronic voting systems points to a number of security and reliability problems in electronic
voting. Many of these problems can only be remedied by system vendors and state and local election officials. What steps are
your state and local election officials taking in response to the report?

The GAO report identified a substantial number of security and reliability
problems related to electronic voting systems, and it made clear that many of these problems can only be addressed by state
and local governments and/or voting machine vendors. One of the most important issues raised by the report is what steps
state and local election officials will take in advance of the 2006 and 2008 elections to ensure the integrity of their voting
systems.

The GAO report recommends that “[e]lection officials should focus on
the security issues related to electronic voting equipment before purchasing or implementing voting systems.”
(p. 41). It specifically recommends that in soliciting bids for voting machines, election officials demand proposals
that include security requirements and evaluation and test procedures. (Id.).
The GAO report further recommends that election officials “should review lessons learned from recent elections and implement
relevant mitigation steps to address known security weaknesses.” (Id.).

But the sheer number of the concerns identified by the GAO report could easily
overwhelm anyone, particularly someone without expertise in security issues related to electronic voting. The
wise jurisdiction (regardless of whether the electronic voting system has been, or is about to be purchased) will hire independent
security experts to review the reliability and security of current or prospective electronic voting systems. Specifically,
such a review should cover the problem areas identified by the GAO report, including: (a) hardware and software design of
the machines; (b) hardware/firmware and software configuration; (c) testing and certification of voting machines and software;
(d) election procedures; and (e) security management.

The need for election officials and/or consultants with security and technical
expertise becomes apparent when reviewing the specifics in the GAO report. Among other things, the GAO report identifies
instances where “local jurisdictions misconfigured their electronic voting systems,” leading to voters being unable
to vote in certain races, or having their cast votes lost. (p. 29). As the GAO report notes, past Election Day system
failures in California, North Carolina, Pennsylvania,
Florida and Ohio have already
caused thousands of voters to be disenfranchised. (p.31). The root cause of each of these failures was not always
known. However, having independent assessments by professionals with expert-level security and technical qualifications
should make such mishaps less likely in the future.

Such technologists should also take steps to ensure that voting software installed
at the local level has been qualified at the national and state levels. The GAO report highlights the danger that unreliable
or uncertified versions of software could end up on voting systems. It notes that, in separate instance in California and Indiana, “state
officials found that two different vendors have violated regulations and state law by installing uncertified software on voting
systems.” (p.37).

Jurisdictions that have recently purchased, or are in the process of purchasing, electronic voting machines should be aware
of the specific machine design problems identified in the GAO report. Among other problems, the GAO noted that several
examinations have shown that cast ballots and ballot definition files in many voting systems can be modified without leaving
any record in the voting system’s audit logs. It also noted that supervisor functions are often protected with
weak or easily guessed passwords, and that these weak safeguards could be exploited in attacks against the integrity of elections.
Similarly, in many cases, the poor physical design of the hardware leaves it susceptible to attacks or accidental mishaps
that could result in the loss of many votes. Voting machine vendors are responsible to election officials and the public to
ensure that these and other vulnerabilities identified in the GAO report are remedied as soon as possible...

Fri Dec 31 23:17:18 2004 Future issues (Charlie Strauss) In the future
we anticipate the development of a hardware technology known as a “trusted computing platform”
to emerge. This technology will allow a computer to self-validate it’s own software and hardware have not been tampered
with and greatly enhance security. At present this technology is NOT available. However legislation should be designed foster
migration of this technology when it becomes available. Legislation can be designed now to anticipate securing the new key
hardware devices that enable this platform. ...

1) It is not enough that elections be accurate, they have to provably so and in manner transparent to voters.

2) Errors will occur. We must design systems that can recover from errors, not design systems that require unachievable
levels of perfection in hardware, software, and operators.

3) Innocent anomalies will occur. Without open systems, errors, fraud, and innocent anomalies can appear indistinguishable;
for elections to be trustable we have to be confident we can distinguish these.

To strike an analogy: open meetings laws not only prevent conspiracies they also lead to public trust in governance without
all parties having to have blind faith. In any given meeting, the oversight imposed by meetings-laws may seem inconvenient
or onerous, but in hindsight it cumulatively leads to a more efficient government because it is trusted.

Get expert advice

We recommend forming a panel of experts to guide voting system requirements. In particular we can recommend Prof.
Avi Ruben (Johns Hopkins), Prof. Doug Jones (Iowa State), Dr. David Jefferson (Lawrence Livermore National Lab), Dr. Rebecca
Mercuri, Dr. David Mertz and Prof David Dill (Stanford). Dr. Jefferson has been instrumental in guiding the creation of California’s
new standards. Prof. Ruben researches modern voting system security. Prof. Jones has published numerous papers on the subject
and critically analyzed touchscreen software errors in Florida. Mertz, Jones and Mercuri have separately laid out design precepts
for secure, trustable voting systems with voter verified paper trails. The new
draft California standards and laws will be a useful reference for New Mexico. Harvard University recently published an election
systems best-practices guide that also addresses these issues. If you cannot obtain these directly we can assist you in getting
pre-prints. We recommend against two advisors preferred by the outgoing
Election Director, Denise lamb: many positions advocated by Prof. Ted Selker and Prof. Michael Ian Shamos are widely disputed
by their peers in the computer science community.

Inside Risks columns from the Communications of the ACM... discussion of computer-related voting can be found
in the columns of January 2001, November 2000, June 2000, and in earlier columns November 1993, November 1992, and November
1990 appended below, which you will find in the continuation of the menu. http://www.csl.sri.com/users/neumann/insiderisks.html

More...

February 10, 2006

Important
legal decision re voting machine by NJ Appeals Court

by Mary Ann Gould and Ruth Matheny of the Coalition for Voting Integrity

The New Jersey Appeals Court has agreed with concerns raised that electronic voting
machines used in NJ (paperless touchscreens, with no voter verified ballots presently available) may violate NJ Constitution
and election laws and has reinstated the lawsuit. A Press release issued by Rutgers Constitutional Litigation Law Clinic is
noted below. The Coalition for Voting Integrity considers this an important step forward and that it is supportive of our
own lawsuit in PA which challenges constitionality as well as additional issues especially those relating to certification
standards of electronic voting machines.

On Jan 18, 2006, the Coalition for Voting integrity, and its' cofounders Mary
Ann Gould and Ruth Matheny, filed a lawsuit against Pedro Cortes, Secretary of the Commonwealth of Pennsylvania. The Complaint
alleges that Cortes erroneously discounted lever voting systems, applied inconsistent certification standards to the voting
system being reviewed for Pennsylvania, and that the integrity, security and proof of the voters' ballots are not being sufficiently
considered to satisfy United States and Pennsylvania constitutional standards. (Further details may be found on

Michael I. Shamos, Ph.D., J.D, Distinguished Career Professor in the School of Computer Science. Dr. Shamos was statutory
examiner of computerized voting systems for Pennsylvania from 1980-2000 and for Texas from 1987-2000, examining over 100 different
voting systems. He has testified before several state legislatures and three committees of Congress regarding electronic
voting, was on the SERVE Project Review Group for internet voting and is now a member of the National Research Council Electronic
Voting Workshop and the AAAS Electronic Voting Technologies Workshop. He has been an expert witness in three recent
lawsuits involving electronic voting: Wexler v. Lepore in Florida, Benavidez v. Shelley in California and Schade
v. Maryland State Board of Elections and was the author in 1993 of “Electronic Voting — Evaluating the Threat” and in 2004 of “Paper v. Electronic Voting Records — An Assessment,” both presented at the ACM Conference on Computers, Freedom & Privacy.

In an effort to provide more comprehensive coverage on this issue we are providing a listing of "Verified Voting Audio/Video
News". We do not review each segment in its entirety prior to its posting. Content in the segments themselves and on other
websites to which they link may express opinions that are not those of the Verified Voting Foundation or VerifiedVoting.org.

In addition to working with NIST to launch the
TGDC, EAC responded to public concerns about the security and reliability of electronic touch-screen voting systems, popularly
referred to as DREs. The Commission held a public hearing in May 2004 on the use, security, and reliability of electronic
voting systems. Witnesses included computer security experts, academics, election officials, voting rights advocates, and
voting system vendors. The Commission made voting system security and auditability a priority of its standards work.

EAC
also issued an Advisory Letter on Electronic Voting Security, which identified a number of actions that election officials
could take to improve system integrity and promote voter confidence for the 2004 election. One recommendation was to define
and implement enhanced security measures and provide process transparency to the public. In addition, the Commission requested
that voting system vendors submit copies of their certified software to the NIST Software Reference Library so election officials
could validate the software used for the election.The State of Maryland used
this capability for the 2004 election.